# Threat Modeling Overview

Threat modeling is an operational framework and organizational model that gives a security engineer a logical approach and a shared language for secure system design. It can be done at various stages of the SDLC and in Platform & Infrastructure engineering. Within the SDLC, it helps to incorporate it into the earlier stages on forks, and again on the final product itself. For Platform & Infrastructure, it is best done in the requirements engineering phase, as the security gate before moving into other approvals.

{% hint style="info" %}
Threat Models are living diagrams which can and will change over time.
{% endhint %}

### Basic Threat Modeling Flow

* [x] System Modeling
  * [x] Identify Scope and System Components (Processes, Data Flows, Backups, Logging, etc)
    * [x] Diagram the Solution
  * [x] Identify Actors/Abusers
  * [x] Identify
* [x] Threat Assessment
* [x] Address Threats
* [x] Validate Model

### Popular Threat Modeling Frameworks

There are many threat modeling frameworks in use that work well. Each is specialized towards a certain goal. The two covered here are STRIDE and PASTA. STRIDE is older but still a relevant starting place for general security engineering in the context of SOC Engineering. PASTA is a good private sector Security Engineering framework for platforming, as it tends to allow for a more directed approach to the business needs.

#### STRIDE

* Spoofing
* Tampering
* Repudiation
* Information Disclosure
* Denial of Service
* Elevation of Privilege
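
The flow above can be run as a worksheet. This is an added example, not part of the original page: it enumerates STRIDE categories per diagram element and then validates that each one has a recorded mitigation. The per-element mapping is the common STRIDE-per-element convention, which goes beyond what this page states, and the log pipeline model, element names and controls are constructed for illustration.

```python
from dataclasses import dataclass, field

STRIDE = ["Spoofing", "Tampering", "Repudiation", "Information Disclosure",
          "Denial of Service", "Elevation of Privilege"]
BY_LETTER = {name[0]: name for name in STRIDE}

# Common STRIDE-per-element convention (an assumption, not from the page):
# which categories are normally reviewed for each kind of diagram element.
APPLICABLE = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}

@dataclass
class Element:
    name: str
    kind: str
    mitigations: dict = field(default_factory=dict)  # STRIDE letter -> control

def assess(model):
    """Threat Assessment: every (element, category) pair that needs review."""
    return [(e.name, BY_LETTER[c]) for e in model for c in APPLICABLE[e.kind]]

def unaddressed(model):
    """Validate Model: pairs that still have no recorded mitigation."""
    return [(e.name, BY_LETTER[c]) for e in model
            for c in APPLICABLE[e.kind] if c not in e.mitigations]

# Constructed system model: a small log pipeline.
MODEL = [
    Element("analyst", "external_entity", {"S": "SSO with MFA", "R": "session audit log"}),
    Element("agent->collector", "data_flow", {"T": "mutual TLS", "I": "mutual TLS"}),
    Element("collector", "process", {"S": "service identity cert", "T": "signed releases",
            "R": "request logging", "I": "field redaction", "D": "rate limiting",
            "E": "non-root service account"}),
    Element("log archive", "data_store", {"T": "write-once storage", "I": "encryption at rest",
            "D": "replicated backups"}),
]

if __name__ == "__main__":
    print(f"{len(assess(MODEL))} threats to review")
    for element, category in unaddressed(MODEL):
        print(f"OPEN: {category} against {element}")
```

Because threat models are living diagrams, rerunning the validation after every change to the model shows which newly added elements still lack mitigations.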

#### PASTA (Process for Attack Simulation and Threat Analysis)

* Define Business Objectives
* Define the technical scope of assets and components
* Application decomposition and identify application controls
* Threat analysis based on threat intelligence
* Vulnerability detection
* Attack enumeration and modeling
* Risk analysis and development of countermeasures


